<!--
  This file is a part of the open-eBackup project.
  This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0.
  If a copy of the MPL was not distributed with this file, You can obtain one at
  http://mozilla.org/MPL/2.0/.
  
  Copyright (c) [2024] Huawei Technologies Co.,Ltd.
  
  THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
  EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
  MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
  -->

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html lang="en-us" xml:lang="en-us">
 <head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  <meta http-equiv="X-UA-Compatible" content="IE=edge">
  <meta name="DC.Type" content="topic">
  <meta name="DC.Title" content="Managing Windows ADFS Configuration (Applicable to 1.6.0 and Later Versions)">
  <meta name="product" content="">
  <meta name="DC.Relation" scheme="URI" content="helpcenter000126.html">
  <meta name="prodname" content="">
  <meta name="version" content="">
  <meta name="brand" content="30-OceanProtect Appliance 1.5.0-1.6.0 Help Center">
  <meta name="DC.Publisher" content="20241029">
  <meta name="prodname" content="csbs">
  <meta name="documenttype" content="usermanual">
  <meta name="DC.Format" content="XHTML">
  <meta name="DC.Identifier" content="admin-0077">
  <meta name="DC.Language" content="en-us">
  <link rel="stylesheet" type="text/css" href="public_sys-resources/commonltr.css">
  <title>Managing Windows ADFS Configuration (Applicable to 1.6.0 and Later Versions)</title>
 </head>
 <body style="clear:both; padding-left:10px; padding-top:5px; padding-right:5px; padding-bottom:5px">
  <a name="admin-0077"></a><a name="admin-0077"></a>
  <h1 class="topictitle1">Managing Windows ADFS Configuration (Applicable to 1.6.0 and Later Versions)</h1>
  <div>
   <p id="admin-0077__en-us_topic_0000001888626984_p1428416391405">The <span id="admin-0077__en-us_topic_0000001888626984_text5812258201217">product</span> allows you to log in to the product WebUI using ADFS.</p>
   <div class="section" id="admin-0077__en-us_topic_0000001888626984_section1357741818336">
    <h4 class="sectiontitle">Prerequisites</h4>
    <ul id="admin-0077__en-us_topic_0000001888626984_ul68911710111117">
     <li id="admin-0077__en-us_topic_0000001888626984_li1231372011118">The DNS service has been configured. For details, see <a href="en-us_topic_0000001923246549.html#EN-US_TOPIC_0000001923246549">Configuring the DNS Service</a>.</li>
     <li id="admin-0077__en-us_topic_0000001888626984_li7891101071111">You have logged in to the Windows host where the ADFS server is configured and obtained the related parameters required for configuring Windows ADFS. <a href="#admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_table961764631715">Table 1</a> describes the parameters.</li>
    </ul>
   </div>
   <div class="section" id="admin-0077__en-us_topic_0000001888626984_section18373320463">
    <h4 class="sectiontitle">Procedure</h4>
    <ol id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001092505479_ol1038139939">
     <li id="admin-0077__en-us_topic_0000001888626984_li0198134611381"><span>Choose <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol9143133018394"><b><span id="admin-0077__en-us_topic_0000001888626984_text34321217571"><strong>System</strong></span> &gt; Security &gt; Windows ADFS</b></span>.</span></li>
     <li id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_li34791134111616"><span>Click <span><img id="admin-0077__en-us_topic_0000001888626984_image8107103513484" src="en-us_image_0000001934583557.png"></span> on the right of <strong id="admin-0077__en-us_topic_0000001888626984_b699941873413">Windows ADFS</strong> to enable this function.</span><p></p>
      <div class="note" id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_note1779573312412">
       <img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span>
       <div class="notebody">
        <p id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_p16795733152413">If <strong id="admin-0077__en-us_topic_0000001888626984_b151043716365">Windows ADFS</strong> is enabled, click <strong id="admin-0077__en-us_topic_0000001888626984_b557124212369">Modify</strong> in the upper right corner to perform settings.</p>
       </div>
      </div> <p></p></li>
     <li id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_li0911154591617"><span>Set Windows ADFS configuration parameters. <a href="#admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_table961764631715">Table 1</a> describes the related parameters.</span><p></p>
      <div class="tablenoborder">
       <a name="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_table961764631715"></a><a name="en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_table961764631715"></a>
       <table cellpadding="4" cellspacing="0" summary="" id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_table961764631715" frame="border" border="1" rules="all">
        <caption>
         <b>Table 1 </b>Windows ADFS configuration parameters
        </caption>
        <colgroup>
         <col style="width:19.950000000000003%">
         <col style="width:47.61%">
         <col style="width:32.440000000000005%">
        </colgroup>
        <thead align="left">
         <tr id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_row1661844612172">
          <th align="left" class="cellrowborder" valign="top" width="19.950000000000003%" id="mcps1.3.3.2.3.2.1.2.4.1.1"><p id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_p66181646101717">Parameter</p></th>
          <th align="left" class="cellrowborder" valign="top" width="47.61%" id="mcps1.3.3.2.3.2.1.2.4.1.2"><p id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_p4618194611715">Description</p></th>
          <th align="left" class="cellrowborder" valign="top" width="32.440000000000005%" id="mcps1.3.3.2.3.2.1.2.4.1.3"><p id="admin-0077__en-us_topic_0000001888626984_p17620111814012">How to Obtain</p></th>
         </tr>
        </thead>
        <tbody>
         <tr id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_row1961874641715">
          <td class="cellrowborder" valign="top" width="19.950000000000003%" headers="mcps1.3.3.2.3.2.1.2.4.1.1 "><p id="admin-0077__en-us_topic_0000001888626984_p15838928511">Provider</p></td>
          <td class="cellrowborder" valign="top" width="47.61%" headers="mcps1.3.3.2.3.2.1.2.4.1.2 "><p id="admin-0077__en-us_topic_0000001888626984_p328471162010">Provider name, which is set by default and cannot be changed.</p></td>
          <td class="cellrowborder" valign="top" width="32.440000000000005%" headers="mcps1.3.3.2.3.2.1.2.4.1.3 "><p id="admin-0077__en-us_topic_0000001888626984_p46202188016">Default parameter.</p></td>
         </tr>
         <tr id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_row1861864610171">
          <td class="cellrowborder" valign="top" width="19.950000000000003%" headers="mcps1.3.3.2.3.2.1.2.4.1.1 "><p id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_p13618446121713">Name</p></td>
          <td class="cellrowborder" valign="top" width="47.61%" headers="mcps1.3.3.2.3.2.1.2.4.1.2 "><p id="admin-0077__en-us_topic_0000001888626984_p146191233145215">User-defined name of Windows ADFS.</p></td>
          <td class="cellrowborder" valign="top" width="32.440000000000005%" headers="mcps1.3.3.2.3.2.1.2.4.1.3 "><p id="admin-0077__en-us_topic_0000001888626984_p162017185020">Custom.</p></td>
         </tr>
         <tr id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_row166751053183710">
          <td class="cellrowborder" valign="top" width="19.950000000000003%" headers="mcps1.3.3.2.3.2.1.2.4.1.1 "><p id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_p367635343717">Provider URL</p></td>
          <td class="cellrowborder" valign="top" width="47.61%" headers="mcps1.3.3.2.3.2.1.2.4.1.2 "><p id="admin-0077__en-us_topic_0000001888626984_p0691133915523">URL of the ADFS login page, which is generated after the ADFS service is configured.</p></td>
          <td class="cellrowborder" valign="top" width="32.440000000000005%" headers="mcps1.3.3.2.3.2.1.2.4.1.3 "><p id="admin-0077__en-us_topic_0000001888626984_p96208181303">The provider URL format is <strong id="admin-0077__en-us_topic_0000001888626984_b126318233513">https://</strong><em id="admin-0077__en-us_topic_0000001888626984_i124830571597">ADFS domain name</em><strong id="admin-0077__en-us_topic_0000001888626984_b285702919517">/adfs/ls/IdPInitiatedSignonPage.htm</strong>.</p> <p id="admin-0077__en-us_topic_0000001888626984_p89301516191015">Obtain the ADFS domain name and ADFS local address on the ADFS production host.</p>
           <ol type="a" id="admin-0077__en-us_topic_0000001888626984_ol13440010131218">
            <li id="admin-0077__en-us_topic_0000001888626984_li20440201014123">Start Server Manager.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li819917173127">On Server Manager, choose <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol77021214161311"><b>Local Server</b></span>.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li487871910138">Check the values of <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol649113761717"><b>computer name</b></span>, <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol536164517176"><b>domain</b></span>, and <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol14519164919177"><b>Ethernet0</b></span> on the <strong id="admin-0077__en-us_topic_0000001888626984_b74709285465">PROPERTIES</strong> page. The ADFS domain name is the value of <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol996407184"><b>Computer name</b></span>.<span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol278414343190"><b>domain</b></span>, and the ADFS local address is the value of <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol13827161612014"><b>Ethernet0</b></span>.</li>
           </ol> <p id="admin-0077__en-us_topic_0000001888626984_p08129577429">Configure the <strong id="admin-0077__en-us_topic_0000001888626984_b14474160115215">hosts</strong> file on the local PC for logging in to the product. If the provider URL can be accessed from the local PC, no configuration is required.</p>
           <ol type="a" id="admin-0077__en-us_topic_0000001888626984_ol177224612111">
            <li id="admin-0077__en-us_topic_0000001888626984_li97729462112">Go to the <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol173491148144013"><b>C:\Windows\System32\drivers\etc</b></span> directory.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li177244691110">Open the <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol36651841124719"><b>hosts</b></span> file.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li1677211462117">Configure the following information in the file and save the file:<pre class="screen" id="admin-0077__en-us_topic_0000001888626984_screen12583120145212"><em id="admin-0077__en-us_topic_0000001888626984_i183805595413">ADFS local address</em> <em id="admin-0077__en-us_topic_0000001888626984_i131718223228">ADFS domain name</em></pre></li>
           </ol> <p id="admin-0077__en-us_topic_0000001888626984_p8164957155616">If the provider URL of the ADFS server can be accessed from the PC for logging in to the product, the following configuration is not required.</p>
           <ol type="a" id="admin-0077__en-us_topic_0000001888626984_ol2067055410113">
            <li id="admin-0077__en-us_topic_0000001888626984_li126701154131112">Open <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol1612012512106"><b>Settings</b></span> on the local PC.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li1567045411110">Choose <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol15103175713109"><b>Network &amp; Internet</b></span> &gt; <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol16722153212117"><b>Proxy</b></span>.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li1661618213534">If <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol14725736115516"><b>Use a proxy server</b></span> is <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol5974040145515"><b>ON</b></span>, you need to set the proxy. If it is <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol142841024219"><b>OFF</b></span>, skip <a href="#admin-0077__en-us_topic_0000001888626984_li156701654171116">4</a> and <a href="#admin-0077__en-us_topic_0000001888626984_li86701254201113">5</a>.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li156701654171116"><a name="admin-0077__en-us_topic_0000001888626984_li156701654171116"></a><a name="en-us_topic_0000001888626984_li156701654171116"></a>In the <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol17362143191212"><b>Manual proxy setup</b></span> area, add the following content. Use semicolons (;) to separate domain names.<pre class="screen" id="admin-0077__en-us_topic_0000001888626984_screen102221884243"><em id="admin-0077__en-us_topic_0000001888626984_i1822212811249">ADFS domain name</em></pre></li>
            <li id="admin-0077__en-us_topic_0000001888626984_li86701254201113"><a name="admin-0077__en-us_topic_0000001888626984_li86701254201113"></a><a name="en-us_topic_0000001888626984_li86701254201113"></a>Click <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol16103956195213"><b>Save</b></span>.</li>
           </ol></td>
         </tr>
         <tr id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_row10478105516377">
          <td class="cellrowborder" valign="top" width="19.950000000000003%" headers="mcps1.3.3.2.3.2.1.2.4.1.1 "><p id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_p114787555375">Callback URL</p></td>
          <td class="cellrowborder" valign="top" width="47.61%" headers="mcps1.3.3.2.3.2.1.2.4.1.2 "><p id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_p1047895513716">Address that can be called back for logging in to the <span id="admin-0077__en-us_topic_0000001888626984_text1067061672512">product</span> after provider authentication.</p></td>
          <td class="cellrowborder" valign="top" width="32.440000000000005%" headers="mcps1.3.3.2.3.2.1.2.4.1.3 "><p id="admin-0077__en-us_topic_0000001888626984_p186204184019">Default parameter.</p> <p id="admin-0077__en-us_topic_0000001888626984_p514417413387">Configure <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol18306204511387"><b>Callback URL</b></span> on the ADFS production host.</p>
           <ol type="a" id="admin-0077__en-us_topic_0000001888626984_ol17986449173616">
            <li id="admin-0077__en-us_topic_0000001888626984_li198674973613">Start Server Manager.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li59862499366">Choose <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol9211516163910"><b>Tools</b></span> &gt; <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol5556953162718"><b>AD FS Management</b></span>.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li18986849123618">On the <strong id="admin-0077__en-us_topic_0000001888626984_b14463153995314">AD FS</strong> page, choose <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol17921947289"><b>AD FS</b></span> &gt; <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol6224141812281"><b>Application Groups</b></span>.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li09861349133615">Double-click an application group in the <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol932013292289"><b>Application Groups</b></span> area to go to the application group property page.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li4986194914368">In the <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol149341015195719"><b>Applications</b></span> area, select the corresponding server application and click <strong id="admin-0077__en-us_topic_0000001888626984_b199341115125720">Edit</strong>.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li179861849183614">In the displayed <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol151613391946"><b>Server application Properties</b></span> dialog box, enter the <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol182733347178"><b>Callback URL</b></span> parameter value in the text box next to <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol18282115519284"><b>Redirect URI</b></span>, click <strong id="admin-0077__en-us_topic_0000001888626984_b4378514202">Add</strong>, and click <strong id="admin-0077__en-us_topic_0000001888626984_b5286816307">OK</strong>.</li>
           </ol></td>
         </tr>
         <tr id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_row965094819242">
          <td class="cellrowborder" valign="top" width="19.950000000000003%" headers="mcps1.3.3.2.3.2.1.2.4.1.1 "><p id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_p8650134892418">Client ID</p></td>
          <td class="cellrowborder" valign="top" width="47.61%" headers="mcps1.3.3.2.3.2.1.2.4.1.2 "><p id="admin-0077__en-us_topic_0000001888626984_p14620045135212">Client ID generated by the ADFS.</p></td>
          <td class="cellrowborder" valign="top" width="32.440000000000005%" headers="mcps1.3.3.2.3.2.1.2.4.1.3 "><p id="admin-0077__en-us_topic_0000001888626984_p255592172112">Query the client ID on the ADFS production host.</p>
           <ol type="a" id="admin-0077__en-us_topic_0000001888626984_ol175663252114">
            <li id="admin-0077__en-us_topic_0000001888626984_li6565025217">Start Server Manager.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li25651629214">Choose <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol181636145312"><b>Tools</b></span> &gt; <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol71203605313"><b>AD FS Management</b></span>.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li45657216219">On the <strong id="admin-0077__en-us_topic_0000001888626984_b178973502531">AD FS</strong> page, choose <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol14897950175311"><b>AD FS</b></span> &gt; <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol589715018536"><b>Application Groups</b></span>.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li1551512543810">Double-click an application group in the <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol10707939904"><b>Application Groups</b></span> area to go to the application group property page.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li1851552512389">In the <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol1884114915820"><b>Applications</b></span> area, select the corresponding server application and click <strong id="admin-0077__en-us_topic_0000001888626984_b68846491684">Edit</strong>. In the displayed <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol202471231642"><b>Server application Properties</b></span> dialog box, the value of <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol8989310115814"><b>Client Id</b></span> is the client ID.</li>
           </ol></td>
         </tr>
         <tr id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_row1469861914256">
          <td class="cellrowborder" valign="top" width="19.950000000000003%" headers="mcps1.3.3.2.3.2.1.2.4.1.1 "><p id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_p106191046181718">Client Key</p></td>
          <td class="cellrowborder" valign="top" width="47.61%" headers="mcps1.3.3.2.3.2.1.2.4.1.2 "><p id="admin-0077__en-us_topic_0000001888626984_p72611948175217">Client key generated by the ADFS.</p></td>
          <td class="cellrowborder" valign="top" width="32.440000000000005%" headers="mcps1.3.3.2.3.2.1.2.4.1.3 "><p id="admin-0077__en-us_topic_0000001888626984_p262014181103">Contact the ADFS server administrator to obtain the value.</p>
           <div class="note" id="admin-0077__en-us_topic_0000001888626984_note14310247191215">
            <span class="notetitle"> NOTE: </span>
            <div class="notebody">
             <p id="admin-0077__en-us_topic_0000001888626984_p177931722194812">Properly keep the client key you set when adding an application group. The client key is required during the Windows ADFS configuration.</p>
            </div>
           </div></td>
         </tr>
         <tr id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_row1408171722514">
          <td class="cellrowborder" valign="top" width="19.950000000000003%" headers="mcps1.3.3.2.3.2.1.2.4.1.1 "><p id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001175120797_en-us_topic_0000001160283107_p16619154651710">CA Certificate</p></td>
          <td class="cellrowborder" valign="top" width="47.61%" headers="mcps1.3.3.2.3.2.1.2.4.1.2 "><p id="admin-0077__en-us_topic_0000001888626984_en-us_topic_0000001263133368_en-us_topic_0267359411_p798683914475">Click <span><img id="admin-0077__en-us_topic_0000001888626984_image161065159592" src="en-us_image_0000001999856450.png"></span> and select the CA certificate corresponding to the certificate to be added.</p></td>
          <td class="cellrowborder" valign="top" width="32.440000000000005%" headers="mcps1.3.3.2.3.2.1.2.4.1.3 "><p id="admin-0077__en-us_topic_0000001888626984_p5623973225">Download the CA certificate from the ADFS production host.</p>
           <ol type="a" id="admin-0077__en-us_topic_0000001888626984_ol146341271221">
            <li id="admin-0077__en-us_topic_0000001888626984_li2063457182210">Press <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_oracle_gud_0016_uicontrol11819941114510"><b>Win+R</b></span> to open the <strong id="admin-0077__en-us_topic_0000001888626984_oracle_gud_0016_b1015191219408">Run</strong> window.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li76341572225">Enter <span class="parmvalue" id="admin-0077__en-us_topic_0000001888626984_parmvalue2634137192217"><b>mmc</b></span> and click <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol13263132873019"><b>OK</b></span>. The <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol10908036133012"><b>Console1</b></span> console page is displayed.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li166341578225">Choose <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol65544491302"><b>File</b></span> &gt; <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol1130819546307"><b>Open</b></span> to open the certificate file.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li6634176222">Choose <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol188531019163112"><b>Console Root</b></span> &gt; <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol56261127183115"><b>Certificates(Local Computer)</b></span> &gt; <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol12661173253111"><b>Personal</b></span> &gt; <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol11591113710317"><b>Certificates</b></span> and find the corresponding CA certificate, which is <em id="admin-0077__en-us_topic_0000001888626984_i5536321343">xx</em><strong id="admin-0077__en-us_topic_0000001888626984_b3217935145717">-</strong><em id="admin-0077__en-us_topic_0000001888626984_i1235718703417">xx</em><strong id="admin-0077__en-us_topic_0000001888626984_b2024712333572">-CA</strong>.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li12594215346">Double-click the CA certificate. On the displayed <strong id="admin-0077__en-us_topic_0000001888626984_b1239844919572">Certificate</strong> page, select <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol1291845193611"><b>Details</b></span>.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li575113712362">Choose <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol561518286395"><b>Copy to File...</b></span> &gt; <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol192013345395"><b>Next</b></span>. On the <strong id="admin-0077__en-us_topic_0000001888626984_b9381090582">Certificate Export Wizard</strong> page that is displayed, select <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol5267910164110"><b>No,do not export the private key</b></span> and click <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol1691813994119"><b>Next</b></span>.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li17393846104119">Select <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol442734224313"><b>Base-64 encoded X.509(.CER)</b></span> and click <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol5925152518440"><b>Next</b></span>.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li14943427104415">Click <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol1196114174450"><b>Browse...</b></span>, select the local path for storing the downloaded file, enter the file name, and click <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol5992131211497"><b>Save</b></span>.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li89582037371">Choose <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol1786019301385"><b>Next</b></span> &gt; <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol1671637083"><b>Finish</b></span>.</li>
            <li id="admin-0077__en-us_topic_0000001888626984_li952691834912">Find the CA file in the local save path and change the certificate file name extension to <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol3464318514"><b>.pem</b></span>.
             <div class="note" id="admin-0077__en-us_topic_0000001888626984_note291184012512">
              <span class="notetitle"> NOTE: </span>
              <div class="notebody">
               <p id="admin-0077__en-us_topic_0000001888626984_p09114400519">To change file name extensions in Windows, you need to disable <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol13781162431117"><b>Hide extensions for known file types</b></span>.</p>
              </div>
             </div></li>
           </ol></td>
         </tr>
        </tbody>
       </table>
      </div> <p></p></li>
     <li id="admin-0077__en-us_topic_0000001888626984_li1442017383359"><span>Click <strong id="admin-0077__en-us_topic_0000001888626984_b4234134215515">Test</strong> to test the connectivity between the Windows ADFS configuration and the <span id="admin-0077__en-us_topic_0000001888626984_text14129149103610">product</span>.</span></li>
     <li id="admin-0077__en-us_topic_0000001888626984_li435683015518"><span>Click <span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol17299737195512"><b>Save</b></span>.</span><p></p>
      <div class="note" id="admin-0077__en-us_topic_0000001888626984_note12512124951610">
       <img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span>
       <div class="notebody">
        <p id="admin-0077__en-us_topic_0000001888626984_p1051294941618">Before using Windows ADFS for login, you need to create an ADFS user (Username@<span class="uicontrol" id="admin-0077__en-us_topic_0000001888626984_uicontrol78922920199"><b>domain</b></span>) with the same name as that on the ADFS server for subsequent login. For details, see <a href="admin-0057.html#admin-0057">Creating a User</a>.</p>
       </div>
      </div> <p></p></li>
    </ol>
   </div>
  </div>
  <div>
   <div class="familylinks">
    <div class="parentlink">
     <strong>Parent topic:</strong> <a href="helpcenter000126.html">System</a>
    </div>
   </div>
  </div>
 </body>
</html>